Here, after pulling out the payload from the Stasis message, we get the SecurityEvent field out and assign it to an integer, event_type. Note that we know that the value will be one of the AST_SECURITY_EVENT_* values. In my case, I only care when someone:

Fails to provide a valid accountFails to provide a valid passwordFails a challenge check (rather important for SIP)So we bail on any of the event types that aren’t one of those.